Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/iwTv2xbw8I6PFGywYce1r1AGEAc.roa
File: iwTv2xbw8I6PFGywYce1r1AGEAc.roa (raw, json)
Hash identifier: XbmhDEqe7sXsda1zYEigPuPEoQNRIprUs+WqrIcW4LM=
Subject key identifier: 8B:04:EF:DB:16:F0:F0:8E:8F:14:6C:B0:61:C7:B5:AF:50:06:10:07
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 0F42
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/iwTv2xbw8I6PFGywYce1r1AGEAc.roa
Signing time: Thu 28 Mar 2024 01:02:57 +0000
ROA not before: Thu 28 Mar 2024 01:02:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 2914
IP address blocks: 180.223.32.0/21 maxlen: 24
180.223.48.0/21 maxlen: 24
180.223.56.0/21 maxlen: 24
180.223.152.0/21 maxlen: 24
180.223.192.0/21 maxlen: 24
180.223.200.0/21 maxlen: 24
180.223.208.0/21 maxlen: 24
180.223.216.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 07:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3906 (0xf42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Mar 28 01:02:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8B04EFDB16F0F08E8F146CB061C7B5AF50061007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:37:11:69:75:70:99:d4:c2:f0:56:f8:a2:66:
d1:67:61:d4:fc:a2:af:7d:da:aa:a1:15:0b:5d:85:
59:c2:26:0f:c6:21:39:4d:9c:e9:dc:f5:7e:0f:27:
04:24:14:9e:50:d9:35:5e:a4:75:3c:c3:e2:d1:fe:
7f:5c:57:f4:66:d1:3f:8b:18:0b:8c:d1:fd:04:31:
9d:f0:bd:f1:37:3d:80:d2:e3:91:f6:88:6b:01:c6:
94:47:34:eb:b6:86:dc:b1:05:67:2c:4f:38:7b:41:
a0:38:79:d2:a5:79:c5:ba:05:6f:65:8e:7f:b7:f5:
e8:9a:21:af:f5:30:90:5b:46:56:06:fc:4e:fe:b0:
1c:a6:96:71:6b:92:08:77:69:e4:02:38:37:58:e3:
04:37:f2:27:e1:df:48:0d:27:52:9e:b5:b3:31:88:
1f:2e:8f:02:ae:10:62:92:27:02:9f:35:36:4f:b7:
a7:e1:28:9e:84:fe:91:7f:a1:95:f2:57:da:b8:50:
33:08:33:12:c7:b4:a5:65:ff:62:aa:ec:54:51:7f:
8a:f9:9e:00:70:90:2d:29:1b:c7:b2:57:ba:08:f7:
47:1f:8e:2b:b3:26:a3:1a:ac:d8:a4:50:87:88:11:
b5:e3:86:e0:b0:f0:8e:da:d1:95:e6:7a:81:25:00:
3a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:04:EF:DB:16:F0:F0:8E:8F:14:6C:B0:61:C7:B5:AF:50:06:10:07
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/iwTv2xbw8I6PFGywYce1r1AGEAc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.32.0/21
180.223.48.0/20
180.223.152.0/21
180.223.192.0/19
Signature Algorithm: sha256WithRSAEncryption
45:30:8e:10:42:11:d1:b8:e2:d4:00:71:90:1d:ea:15:a8:6b:
68:f8:2e:d1:57:b6:21:83:68:26:b2:ef:c3:40:a9:a7:8f:9a:
6a:97:c6:8f:d3:6c:64:93:8c:b8:bd:ea:9e:0d:87:4a:77:52:
fe:f3:bd:db:5b:c1:90:45:62:ec:7d:0c:d8:35:dd:ed:0e:2d:
dd:6d:88:e8:a1:78:86:c1:b1:31:6b:0e:fd:33:34:e8:d8:85:
ad:02:df:f6:32:34:2e:1f:df:76:71:de:a1:40:94:01:d4:89:
5d:b6:00:6e:65:be:43:63:7d:8a:36:00:d4:8a:38:b1:f4:6d:
ac:66:54:91:a5:1f:43:32:6c:77:36:70:92:76:71:02:0a:9c:
13:01:e4:f4:65:db:5a:40:8f:96:ad:1d:58:4b:28:e3:74:48:
d0:4d:5d:17:16:04:c8:24:e4:27:a7:71:25:ae:39:eb:dc:2c:
48:8f:cd:c6:d6:d1:76:a8:2c:18:fd:ba:8f:b9:9e:32:44:d2:
21:ea:09:15:a3:dd:96:2e:94:d8:88:f9:50:f2:8f:44:f2:1c:
a0:cb:cf:e3:d9:d3:19:55:9a:f0:fb:ba:79:1c:13:5f:b3:ea:
ee:90:6e:f5:66:56:de:c1:a2:ee:07:9e:17:b2:40:80:ab:d1:
dd:80:d0:af
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgICD0IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDAzMjgw
MTAyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCMDRFRkRCMTZGMEYw
OEU4RjE0NkNCMDYxQzdCNUFGNTAwNjEwMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhNxFpdXCZ1MLwVviiZtFnYdT8oq992qqhFQtdhVnCJg/GITlN
nOnc9X4PJwQkFJ5Q2TVepHU8w+LR/n9cV/Rm0T+LGAuM0f0EMZ3wvfE3PYDS45H2
iGsBxpRHNOu2htyxBWcsTzh7QaA4edKlecW6BW9ljn+39eiaIa/1MJBbRlYG/E7+
sBymlnFrkgh3aeQCODdY4wQ38ifh30gNJ1KetbMxiB8ujwKuEGKSJwKfNTZPt6fh
KJ6E/pF/oZXyV9q4UDMIMxLHtKVl/2Kq7FRRf4r5ngBwkC0pG8eyV7oI90cfjiuz
JqMarNikUIeIEbXjhuCw8I7a0ZXmeoElADqPAgMBAAGjggIFMIICATAdBgNVHQ4E
FgQUiwTv2xbw8I6PFGywYce1r1AGEAcwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvaXdUdjJ4Ync4STZQ
Rkd5d1ljZTFyMUFHRUFjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEw
GAMEA7TfIAMEBLTfMAMEA7TfmAMEBbTfwDANBgkqhkiG9w0BAQsFAAOCAQEARTCO
EEIR0bji1ABxkB3qFahraPgu0Ve2IYNoJrLvw0Cpp4+aapfGj9NsZJOMuL3qng2H
SndS/vO921vBkEVi7H0M2DXd7Q4t3W2I6KF4hsGxMWsO/TM06NiFrQLf9jI0Lh/f
dnHeoUCUAdSJXbYAbmW+Q2N9ijYA1Io4sfRtrGZUkaUfQzJsdzZwknZxAgqcEwHk
9GXbWkCPlq0dWEso43RI0E1dFxYEyCTkJ6dxJa4569wsSI/NxtbRdqgsGP26j7me
MkTSIeoJFaPdli6U2Ij5UPKPRPIcoMvP49nTGVWa8Pu6eRwTX7Pq7pBu9WZW3sGi
7geeF7JAgKvR3YDQrw==
-----END CERTIFICATE-----
Generated at Wed Apr 17 09:53:41 2024 by rpki-client on console-ams.rpki-client.org